Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0bfc72e4-cc7a-4def-ab21-9e672606b826.roa
File:                     0bfc72e4-cc7a-4def-ab21-9e672606b826.roa (raw, json)
Hash identifier:          o+Je0ROfGmq84BtB2exvCa/COAp0kGOdZc8Ror2dVSA=
Subject key identifier:   EF:DB:8C:3B:8F:B8:F5:82:08:AF:7E:B2:43:52:40:71:68:46:02:5F
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       3427E1105EF17B0ECCFB30134812D4A30891EA73
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0bfc72e4-cc7a-4def-ab21-9e672606b826.roa
Signing time:             Fri 24 May 2024 00:00:00 +0000
ROA not before:           Fri 24 May 2024 00:00:00 +0000
ROA not after:            Fri 28 Jun 2024 23:59:59 +0000
asID:                     14618
IP address blocks:        18.240.0.0/14 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 18 Jun 2024 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            34:27:e1:10:5e:f1:7b:0e:cc:fb:30:13:48:12:d4:a3:08:91:ea:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 24 00:00:00 2024 GMT
            Not After : Jun 28 23:59:59 2024 GMT
        Subject: serialNumber=3e3489c55278a6f503e7067fb4896c3dfe070e25c736c1976d31fb6756fd64db, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:ae:91:ac:8c:fb:b0:32:f5:69:88:50:4b:13:
                    32:34:1e:33:3c:0d:6a:b7:4d:b1:b6:09:ec:82:22:
                    60:16:a9:80:3e:ed:1b:16:3a:a6:53:dc:7c:78:a6:
                    b7:66:d4:2a:c7:30:de:e6:9a:a6:a3:9f:d7:1b:34:
                    97:2d:ff:6c:25:18:b0:cf:3b:0f:58:7f:31:c6:b2:
                    cf:21:4a:a2:47:99:35:d5:12:f9:9a:d9:1c:9a:e5:
                    72:4b:1a:1c:42:bd:15:ed:b5:c5:eb:3f:f4:f4:d9:
                    d8:aa:29:36:cd:28:4f:51:ae:39:f1:53:00:25:84:
                    7f:4b:11:e8:42:63:50:9a:dd:68:6b:1f:fa:03:a7:
                    8e:3e:7c:31:d6:8f:be:04:25:dd:94:21:52:10:c9:
                    ae:7a:89:04:d8:5d:3d:ab:37:f2:a6:70:1d:31:88:
                    4b:c6:ce:b0:56:d5:93:d6:63:04:e7:6e:c5:77:46:
                    92:9d:f2:00:02:6b:5b:34:7b:b9:5b:a0:39:a4:ea:
                    a6:45:95:90:dd:2d:ff:a3:bd:f1:0a:9f:47:e3:70:
                    e6:4a:a2:7f:4f:d5:2a:3d:c0:f6:1c:df:0e:10:91:
                    d2:9e:ee:04:a7:25:b8:3f:89:28:fe:31:e9:2f:c6:
                    7f:7e:77:06:1c:e6:b2:4e:0f:8f:35:34:2b:72:0a:
                    bf:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:DB:8C:3B:8F:B8:F5:82:08:AF:7E:B2:43:52:40:71:68:46:02:5F
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0bfc72e4-cc7a-4def-ab21-9e672606b826.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.240.0.0/14

    Signature Algorithm: sha256WithRSAEncryption
         7f:b6:00:62:77:f1:23:ba:a1:83:d6:8d:a3:00:dd:88:60:c4:
         e2:73:c1:38:28:7f:a8:7b:ce:3c:d0:8c:63:c8:5e:fb:38:a8:
         8e:09:e7:2e:87:0a:49:c6:0c:3e:ef:47:3c:6a:9f:c2:c5:62:
         46:13:61:5f:6c:17:b0:4d:5c:7a:cf:5b:70:05:92:ca:56:80:
         3b:40:ee:90:40:02:30:f2:59:bf:16:ec:a7:17:a4:29:ba:46:
         cd:8c:bd:88:a9:7d:84:63:9d:e7:d3:0e:13:b0:bc:f8:c4:b3:
         01:4e:86:7b:17:dd:eb:7f:b0:5d:9c:7a:04:96:17:37:cf:bb:
         76:cc:cc:18:e3:06:ae:32:31:ce:af:ee:69:27:99:a8:07:48:
         52:0a:23:87:ce:04:e2:12:e2:82:d2:50:d1:d0:6c:53:63:85:
         73:c5:cf:b0:8f:81:de:05:f0:8c:24:45:8d:97:62:4a:22:c4:
         7a:fd:b2:60:67:ff:69:78:20:31:83:24:94:77:58:4c:8c:8d:
         4d:a9:bf:ad:20:9c:10:03:cb:b8:8e:a0:33:b4:2f:a2:65:1d:
         c9:e4:df:8f:b3:4b:40:ee:d6:c5:b3:30:78:8f:56:ee:c4:cf:
         52:6c:f9:40:07:5a:8e:90:5e:0d:e9:53:e8:93:ad:99:f1:80:
         db:01:48:3a
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUNCfhEF7xew7M+zATSBLUowiR6nMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwNTI0MDAwMDAwWhcNMjQwNjI4MjM1OTU5
WjB6MUkwRwYDVQQFE0AzZTM0ODljNTUyNzhhNmY1MDNlNzA2N2ZiNDg5NmMzZGZl
MDcwZTI1YzczNmMxOTc2ZDMxZmI2NzU2ZmQ2NGRiMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCxrpGsjPuwMvVpiFBLEzI0HjM8DWq3TbG2CeyCImAWqYA+
7RsWOqZT3Hx4prdm1CrHMN7mmqajn9cbNJct/2wlGLDPOw9YfzHGss8hSqJHmTXV
Evma2Rya5XJLGhxCvRXttcXrP/T02diqKTbNKE9RrjnxUwAlhH9LEehCY1Ca3Whr
H/oDp44+fDHWj74EJd2UIVIQya56iQTYXT2rN/KmcB0xiEvGzrBW1ZPWYwTnbsV3
RpKd8gACa1s0e7lboDmk6qZFlZDdLf+jvfEKn0fjcOZKon9P1So9wPYc3w4QkdKe
7gSnJbg/iSj+Mekvxn9+dwYc5rJOD481NCtyCr8dAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU79uMO4+49YIIr36yQ1JAcWhGAl8wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzBiZmM3MmU0LWNjN2EtNGRlZi1hYjIxLTllNjcyNjA2YjgyNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwIS8DANBgkqhkiG9w0BAQsFAAOCAQEAf7YAYnfxI7qhg9aNowDdiGDE4nPB
OCh/qHvOPNCMY8he+ziojgnnLocKScYMPu9HPGqfwsViRhNhX2wXsE1ces9bcAWS
ylaAO0DukEACMPJZvxbspxekKbpGzYy9iKl9hGOd59MOE7C8+MSzAU6Gexfd63+w
XZx6BJYXN8+7dszMGOMGrjIxzq/uaSeZqAdIUgojh84E4hLigtJQ0dBsU2OFc8XP
sI+B3gXwjCRFjZdiSiLEev2yYGf/aXggMYMklHdYTIyNTam/rSCcEAPLuI6gM7Qv
omUdyeTfj7NLQO7WxbMweI9W7sTPUmz5QAdajpBeDelT6JOtmfGA2wFIOg==
-----END CERTIFICATE-----
Generated at Mon Jun 17 18:20:59 2024 by rpki-client on console-ams.rpki-client.org